Google redirect



Logs will be closed if you haven't replied within 3 days

Please don't attach the scans / logs from these scans, use "copy/paste".

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.

Doing so could make your PC inoperable and could require a full reinstall of your OS, losing all your programs and data.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.

You might want to print these instructions out.

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download ATF Cleaner by Atribune.

Download - ATF Cleaner»

Double-click ATF-Cleaner.exe to run the program.

Under Main choose: Select All

Click the Empty Selected button.

If you use Firefox browser

  • Click Firefox at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

  • Click Opera at the top and choose: Select All
    Click the Empty Selected button.
    NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.

It's normal after running ATF cleaner that the PC will be slower to boot the first time or two.

Next:

Note: Close all browsers before running ATF Cleaner: IE, FireFox, etc.

Please download GooredFix from one of the locations below and save it to your Desktop

Download Mirror #1

Download Mirror #2

  • Ensure all Firefox windows are closed.
  • To run the tool, double-click it (XP), or right-click and select Run As Administrator (Vista).
  • When prompted to run the scan, click Yes.
  • It doesn't take long to run; once it is finished, move on to the next step.

Next:

Download TDSSKiller from here and save it to your Desktop.

Note: if the Cure option is not there, please select 'Skip'.

Please read carefully and follow these steps.

  1. Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  2. Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
  3. Click the Start Scan button.
  4. If a suspicious object is detected, the default action will be Skip, click on Continue.
  5. If Malicious objects are found then ensure Cure is selected
  6. If TDLFS File System is found then ensure Delete is selected
  7. Then click Continue Reboot now to finish the cleaning process.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


01:15:53.0409 3344 TDSS rootkit removing tool 2.8.6.0 Aug 13 2012 17:24:05

01:15:53.0679 3344 ============================================================

01:15:53.0679 3344 Current date / time: 2012/08/18 01:15:53.0679

01:15:53.0679 3344 SystemInfo:

01:15:53.0679 3344

01:15:53.0689 3344 OS Version: 6.1.7601 ServicePack: 1.0

01:15:53.0689 3344 Product type: Workstation

01:15:53.0689 3344 ComputerName: HOME2

01:15:53.0689 3344 UserName: DeerSlayer7600

01:15:53.0689 3344 Windows directory: C:\Windows

01:15:53.0689 3344 System windows directory: C:\Windows

01:15:53.0689 3344 Running under WOW64

01:15:53.0689 3344 Processor architecture: Intel x64

01:15:53.0689 3344 Number of processors: 2

01:15:53.0689 3344 Page size: 0x1000

01:15:53.0689 3344 Boot type: Normal boot

01:15:53.0689 3344 ============================================================

01:15:54.0259 3344 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

01:15:54.0289 3344 ============================================================

01:15:54.0289 3344 \Device\Harddisk0\DR0:

01:15:54.0289 3344 MBR partitions:

01:15:54.0289 3344 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC17800, BlocksNum 0x32000

01:15:54.0289 3344 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC49800, BlocksNum 0x247E4AB0

01:15:54.0289 3344 ============================================================

01:15:54.0329 3344 C: <-> \Device\Harddisk0\DR0\Partition2

01:15:54.0329 3344 ============================================================

01:15:54.0329 3344 Initialize success

01:15:54.0329 3344 ============================================================

01:16:01.0248 8740 ============================================================

01:16:01.0248 8740 Scan started

01:16:01.0248 8740 Mode: Manual; SigCheck; TDLFS;

01:16:01.0248 8740 ============================================================


01:16:24.0350 8740 Msfs - ok

01:16:24.0360 8740 [ f9d215a46a8b9753f61767fa72a20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

01:16:24.0410 8740 mshidkmdf - ok

01:16:24.0440 8740 [ d916874bbd4f8b07bfb7fa9b3ccae29d ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

01:16:24.0450 8740 msisadrv - ok

01:16:24.0470 8740 [ 808e98ff49b155c522e6400953177b08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

01:16:24.0540 8740 MSiSCSI - ok

01:16:24.0540 8740 msiserver - ok

01:16:24.0570 8740 [ 49ccf2c4fea34ffad8b1b59d49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

01:16:24.0630 8740 MSKSSRV - ok

01:16:24.0650 8740 [ bdd71ace35a232104ddd349ee70e1ab3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

01:16:24.0680 8740 MSPCLOCK - ok

01:16:24.0690 8740 [ 4ed981241db27c3383d72092b618a1d0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

01:16:24.0750 8740 MSPQM - ok

01:16:24.0800 8740 [ 759a9eeb0fa9ed79da1fb7d4ef78866d ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

01:16:24.0820 8740 MsRPC - ok

01:16:24.0880 8740 [ 0eed230e37515a0eaee3c2e1bc97b288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys

01:16:24.0910 8740 mssmbios - ok

01:16:24.0920 8740 [ 2e66f9ecb30b4221a318c92ac2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

01:16:25.0010 8740 MSTEE - ok

01:16:25.0040 8740 [ 7ea404308934e675bffde8edf0757bcd ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys

01:16:25.0070 8740 MTConfig - ok

01:16:25.0110 8740 [ f9a18612fd3526fe473c1bda678d61c8 ] Mup C:\Windows\system32\Drivers\mup.sys

01:16:25.0140 8740 Mup - ok

01:16:25.0250 8740 [ 582ac6d9873e31dfa28a4547270862dd ] napagent C:\Windows\system32\qagentRT.dll

01:16:25.0330 8740 napagent - ok

01:16:25.0360 8740 [ 1ea3749c4114db3e3161156ffffa6b33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

01:16:25.0440 8740 NativeWifiP - ok

01:16:25.0490 8740 [ 79b47fd40d9a817e932f9d26fac0a81c ] NDIS C:\Windows\system32\drivers\ndis.sys

01:16:25.0550 8740 NDIS - ok

01:16:25.0570 8740 [ 9f9a1f53aad7da4d6fef5bb73ab811ac ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

01:16:25.0600 8740 NdisCap - ok

01:16:25.0620 8740 [ 30639c932d9fef22b31268fe25a1b6e5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

01:16:25.0650 8740 NdisTapi - ok

01:16:25.0690 8740 [ 136185f9fb2cc61e573e676aa5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

01:16:25.0750 8740 Ndisuio - ok

01:16:25.0810 8740 [ 53f7305169863f0a2bddc49e116c2e11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

01:16:25.0890 8740 NdisWan - ok

01:16:25.0930 8740 [ 015c0d8e0e0421b4cfd48cffe2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

01:16:25.0960 8740 NDProxy - ok

01:16:26.0050 8740 [ 7d2633295eb6ff2b938185874884059d ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

01:16:26.0110 8740 Nero BackItUp Scheduler 4.0 - ok

01:16:26.0120 8740 [ d5ac41ae382738483faffbd7e373d49a ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

01:16:26.0130 8740 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

01:16:26.0130 8740 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

01:16:29.0350 8740 [ 37f6046cdc630442d7dc087501ff6fc6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

01:16:29.0380 8740 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

01:16:29.0380 8740 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

01:16:36.0130 8740 [ 602884696850c86434530790b110e8eb ] sptd C:\Windows\system32\Drivers\sptd.sys

01:16:36.0130 8740 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb

01:16:36.0130 8740 sptd ( LockedFile.Multi.Generic ) - warning

01:16:36.0130 8740 sptd - detected LockedFile.Multi.Generic (1)

01:16:41.0020 8740 [ 70a90412f0ae18021794a0754c2d6299 ] VBTUSB C:\Windows\system32\Drivers\VBTUSB.sys

01:16:41.0050 8740 VBTUSB ( UnsignedFile.Multi.Generic ) - warning

01:16:41.0050 8740 VBTUSB - detected UnsignedFile.Multi.Generic (1)


01:16:44.0241 8740 WerSvc - ok

01:16:44.0261 8740 [ 611b23304bf067451a9fdee01fbdd725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

01:16:44.0301 8740 WfpLwf - ok

01:16:44.0311 8740 [ 05ecaec3e4529a7153b3136ceb49f0ec ] WIMMount C:\Windows\system32\drivers\wimmount.sys

01:16:44.0321 8740 WIMMount - ok

01:16:44.0361 8740 WinDefend - ok

01:16:44.0371 8740 WinHttpAutoProxySvc - ok

01:16:44.0421 8740 [ 19b07e7e8915d701225da41cb3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

01:16:44.0481 8740 Winmgmt - ok

01:16:44.0581 8740 [ bcb1310604aa415c4508708975b3931e ] WinRM C:\Windows\system32\WsmSvc.dll

01:16:44.0681 8740 WinRM - ok

01:16:44.0741 8740 [ fe88b288356e7b47b74b13372add906d ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

01:16:44.0761 8740 WinUsb - ok

01:16:44.0811 8740 [ 4fada86e62f18a1b2f42ba18ae24e6aa ] Wlansvc C:\Windows\System32\wlansvc.dll

01:16:44.0871 8740 Wlansvc - ok

01:16:44.0921 8740 [ 06c8fa1cf39de6a735b54d906ba791c6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

01:16:44.0931 8740 wlcrasvc - ok

01:16:45.0091 8740 [ 2bacd71123f42cea603f4e205e1ae337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

01:16:45.0161 8740 wlidsvc - ok

01:16:45.0221 8740 [ f6ff8944478594d0e414d3f048f0d778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

01:16:45.0271 8740 WmiAcpi - ok

01:16:45.0321 8740 [ 38b84c94c5a8af291adfea478ae54f93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

01:16:45.0361 8740 wmiApSrv - ok

01:16:45.0391 8740 WMPNetworkSvc - ok

01:16:45.0411 8740 [ 96c6e7100d724c69fcf9e7bf590d1dca ] WPCSvc C:\Windows\System32\wpcsvc.dll

01:16:45.0431 8740 WPCSvc - ok

01:16:45.0491 8740 [ 93221146d4ebbf314c29b23cd6cc391d ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

01:16:45.0551 8740 WPDBusEnum - ok

01:16:45.0571 8740 [ 6bcc1d7d2fd2453957c5479a32364e52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

01:16:45.0631 8740 ws2ifsl - ok

01:16:45.0641 8740 [ e8b1fe6669397d1772d8196df0e57a9e ] wscsvc C:\Windows\system32\wscsvc.dll

01:16:45.0691 8740 wscsvc - ok

01:16:45.0731 8740 [ 8d918b1db190a4d9b1753a66fa8c96e8 ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys

01:16:45.0751 8740 WSDPrintDevice - ok

01:16:45.0751 8740 WSearch - ok

01:16:45.0861 8740 [ d9ef901dca379cfe914e9fa13b73b4c4 ] wuauserv C:\Windows\system32\wuaueng.dll

01:16:45.0931 8740 wuauserv - ok

01:16:45.0941 8740 [ d3381dc54c34d79b22cee0d65ba91b7c ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

01:16:46.0001 8740 WudfPf - ok

01:16:46.0061 8740 [ cf8d590be3373029d57af80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

01:16:46.0141 8740 WUDFRd - ok

01:16:46.0181 8740 [ 7a95c95b6c4cf292d689106bcae49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

01:16:46.0251 8740 wudfsvc - ok

01:16:46.0281 8740 [ 9a3452b3c2a46c073166c5cf49fad1ae ] WwanSvc C:\Windows\System32\wwansvc.dll

01:16:46.0341 8740 WwanSvc - ok

01:16:46.0401 8740 [ 2ee48cfce7ca8e0db4c44c7476c0943b ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys

01:16:46.0481 8740 xusb21 - ok

01:16:46.0521 8740 [ b3eeacf62445e24fbb2cd4b0fb4db026 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys

01:16:46.0541 8740 yukonw7 - ok

01:16:46.0581 8740 ================ Scan global ===============================

01:16:46.0611 8740 (ba0cd8c393e8c9f83354106093832c7b) C:\Windows\system32\basesrv.dll

01:16:46.0671 8740 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

01:16:46.0691 8740 (eb6a48cc998e1090e44e8e7f1009a640) C:\Windows\system32\winsrv.dll

01:16:46.0721 8740 (d6160f9d869ba3af0b787f971db56368) C:\Windows\system32\sxssrv.dll

01:16:46.0781 8740 (24acb7e5be595468e3b9aa488b9b4fcb) C:\Windows\system32\services.exe

01:16:46.0791 8740 [Global] - ok

01:16:46.0791 8740 ================ Scan MBR ==================================

01:16:46.0811 8740 MBR (0x1B8) (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0

01:16:47.0131 8740 \Device\Harddisk0\DR0 - ok

01:16:47.0141 8740 ================ Scan VBR ==================================

01:16:47.0141 8740 Boot (0x1200) (d33c997ce3d1a55376d5734ddcb4838c) \Device\Harddisk0\DR0\Partition1

01:16:47.0141 8740 \Device\Harddisk0\DR0\Partition1 - ok

01:16:47.0181 8740 Boot (0x1200) (37745fa2343d91ed0c606d16c70b0c07) \Device\Harddisk0\DR0\Partition2

01:16:47.0191 8740 \Device\Harddisk0\DR0\Partition2 - ok

01:16:47.0191 8740 ============================================================

01:16:47.0191 8740 Scan finished

01:16:47.0191 8740 ============================================================

01:16:47.0211 6044 Detected object count: 4

01:16:47.0211 6044 Actual detected object count: 4

01:17:07.0411 6044 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

01:17:07.0411 6044 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:17:07.0411 6044 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

01:17:07.0411 6044 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:17:07.0411 6044 sptd ( LockedFile.Multi.Generic ) - skipped by user

01:17:07.0411 6044 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

01:17:07.0411 6044 VBTUSB ( UnsignedFile.Multi.Generic ) - skipped by user

01:17:07.0411 6044 VBTUSB ( UnsignedFile.Multi.Generic ) - User select action: Skip

01:17:14.0041 5064 Deinitialize success


That looks good.

Please do not attach the scan results from ComboFix. Use copy/paste.

Vista and Windows 7 users:

1. These tools MUST be run from the executable. (.exe) every time you run them

2. With Admin Rights (Right click, choose "Run as Administrator")

Download ComboFix from this link

Link 1

* IMPORTANT !!! Save ComboFix.exe to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link : Protective Programs
  • Double click on ComboFix.exe & follow the prompts.
    Notes: Combofix will run without the Recovery Console installed. Skip the Recovery Console part if you're running Vista or Windows 7.
    Note: If you have XP SP3, use the XP SP2 package.
    If Vista or Windows 7, skip the Recovery Console part
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

RC1.png

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

RC2-1.png

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt using Copy / Paste in your next reply.

Notes:

1. Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.

3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.

4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Give it at least 20-30 minutes to finish if needed.

Please do not attach the scan results from ComboFix. Use copy/paste.

Also please describe how your computer behaves at the moment.


ComboFix 12-08-18.03 - DeerSlayer7600 19-Aug-12 3:53.4.2 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.4063.1964 [GMT -4:00]

Running from: c:\users\DeerSlayer7600\Desktop\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

* Created a new restore point

.

.

((((((((((((((((((((((((( Files Created from 2012-07-19 to 2012-08-19 )))))))))))))))))))))))))))))))

.

.

2012-08-19 08:04 . 2012-08-19 08:04 -------- d-----w- c:\users\Guest\AppData\Local\temp

2012-08-19 08:04 . 2012-08-19 08:04 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-08-15 17:14 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys

2012-08-15 10:22 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll

2012-08-15 10:22 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll

2012-08-15 10:22 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll

2012-08-15 10:22 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll

2012-08-15 10:22 . 2012-05-05 08:36 503808 ----a-w- c:\windows\system32\srcore.dll

2012-08-15 10:22 . 2012-05-05 07:46 43008 ----a-w- c:\windows\SysWow64\srclient.dll

2012-08-15 10:22 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys

2012-08-15 10:21 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll

2012-08-15 10:21 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe

2012-08-15 10:21 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe

2012-08-15 10:21 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll

2012-08-15 10:21 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll

2012-08-15 05:18 . 2012-08-15 05:18 -------- d-----w- c:\program files (x86)\Common Files\Java

2012-08-15 05:18 . 2012-08-15 05:18 -------- d-----w- c:\program files (x86)\Oracle

2012-08-15 05:17 . 2012-07-06 02:06 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-08-15 05:16 . 2012-08-15 05:16 -------- d-----w- c:\programdata\McAfee

2012-08-10 18:09 . 2012-08-19 08:04 -------- d-----w- c:\users\Public Use\AppData\Local\temp

2012-08-03 17:07 . 2012-08-03 17:07 -------- d-----w- c:\users\DeerSlayer7600\AppData\Local\Amazon

2012-08-03 17:07 . 2012-08-03 17:07 -------- d-----w- c:\program files (x86)\Amazon

2012-07-29 01:37 . 2012-07-29 01:37 -------- d-----w- c:\program files\HitmanPro

2012-07-29 01:37 . 2012-07-29 01:38 -------- d-----w- c:\programdata\HitmanPro

2012-07-22 23:42 . 2012-06-06 06:06 2004480 ----a-w- c:\windows\system32\msxml6.dll

2012-07-22 23:42 . 2012-06-06 06:06 1881600 ----a-w- c:\windows\system32\msxml3.dll

2012-07-22 23:42 . 2012-06-06 05:05 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-15 17:10 . 2009-12-11 01:51 62134624 ----a-w- c:\windows\system32\MRT.exe

2012-07-22 23:45 . 2012-04-08 00:15 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-22 23:45 . 2011-05-18 14:08 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-06 02:06 . 2010-05-11 18:52 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll

2012-06-04 01:36 . 2010-05-15 23:41 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys

2012-06-02 22:19 . 2012-06-08 23:10 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2012-06-08 23:10 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-02 22:19 . 2012-06-08 23:10 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2012-06-08 23:10 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2012-06-08 23:10 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:15 . 2012-06-08 23:10 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-02 22:15 . 2012-06-08 23:10 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-02 19:19 . 2012-06-08 23:10 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-02 19:15 . 2012-06-08 23:10 36864 ----a-w- c:\windows\system32\wuapp.exe

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

2012-07-09 23:44 2074208 ----a-w- c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]

"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.12\AVG Secure Search_toolbar.dll" [2012-07-09 2074208]

.

[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]

[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]

"POP Peeper"="c:\program files (x86)\POP Peeper\POPPeeper.exe" [2011-11-16 1613824]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"SmartWiHelper"="c:\program files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe" [2009-09-03 80384]

"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-05-26 317288]

"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-04-05 2587008]

"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-07-09 1107552]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2009-7-1 1079584]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2009-07-01 19:49 98304 ----a-w- c:\windows\System32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]

@=""

.

R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys [x]

R1 SBRE;SBRE;c:\windows\system32\drivers\SBREdrv.sys [x]

R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2012-07-04 5160568]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-08 136176]

R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-06-26 362992]

R3 appliandMP;appliandMP;c:\windows\system32\DRIVERS\appliand.sys [x]

R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-07-26 1025352]

R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-04-14 54824]

R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2009-08-03 35104]

R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-08 136176]

R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.10.1;c:\windows\system32\drivers\libusb0.sys [x]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-01-01 97040]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-28 113120]

R3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-05 5435904]

R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-06-26 313840]

R3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Service;c:\windows\system32\DRIVERS\sbfwim.sys [2011-02-08 84568]

R3 sbhips;sbhips;c:\windows\system32\drivers\sbhips.sys [2011-04-05 60504]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 VBTUSB;VBTUSB.Sys VAIO Bluetooth Driver over USB device;c:\windows\system32\Drivers\VBTUSB.sys [2010-06-17 14848]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-05-17 1255736]

R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]

S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-04-19 28480]

S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [2012-01-31 36944]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-03-04 55856]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2009-12-30 834544]

S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-02-22 289872]

S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2011-12-23 47696]

S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-03-19 383808]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-02-14 254528]

S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2011-04-05 253528]

S1 SbTis;SbTis;c:\windows\system32\drivers\sbtis.sys [2011-04-05 94296]

S1 VWiFiFlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-07-27 203264]

S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 MotoHelper;MotoHelper Service;c:\program files (x86)\Motorola\MotoHelper\MotoHelperService.exe [2011-12-06 214896]

S2 RtkAudioService;Realtek Audio Service;c:\program files\Realtek\Audio\HDA\RtkAudioService64.exe [2009-07-24 189984]

S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe [2011-01-29 259192]

S2 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe [2009-08-22 411496]

S2 vToolbarUpdater11.2.0;vToolbarUpdater11.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.2.0\ToolbarUpdater.exe [2012-07-09 935008]

S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2011-12-23 124496]

S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [2011-12-23 29776]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]

S3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960]

S3 SBFWIMCLMP;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\SBFWIM.sys [2011-02-08 84568]

S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\DRIVERS\SFEP.sys [2009-06-11 11392]

S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe [2011-02-14 44736]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update Common\VUAgent.exe [2012-01-13 1256040]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2009-06-10 389120]

.

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 02384996

*NewlyCreated* - 38664065

*Deregistered* - 02384996

*Deregistered* - 38664065

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}]

2010-02-16 23:02 114688 ----a-w- c:\program files (x86)\PixiePack Codec Pack\InstallerHelper.exe

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-08 15:34]

.

2012-08-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-08 15:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]

@="{C5994560-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]

@="{C5994561-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]

@="{C5994562-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]

@="{C5994563-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]

@="{C5994564-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]

@="{C5994565-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]

@="{C5994566-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]

@="{C5994567-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]

@="{C5994568-53D9-4125-87C9-F193FC689CB2}"

[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]

2011-06-13 15:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-07-24 7938080]

"Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-07-24 1833504]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://www.google.com/

mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{F158A689-5F56-4735-95DB-B1B7F0E2835A}: NameServer = 209.18.47.61,209.18.47.62

Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.2.0\ViProtocol.dll

FF - ProfilePath - c:\users\DeerSlayer7600\AppData\Roaming\Mozilla\Firefox\Profiles\cvh7xht7.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.weather.com/

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnI=I%27m+Feeling+Lucky&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: network.proxy.type - 0

FF - user.js: network.protocol-handler.warn-external.dnupdate - false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false);user_pref(network.protocol-handler.warn-external.dnupdate, false

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)

Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe

WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)

HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]

"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=5000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\% C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-2819605077-4113226334-3711507615-1000\Software\SecuROM\License information*]

"datasecu"=hex:f8,f4,1a,0d,ee,13,83,b3,e6,73,39,48,d1,01,d4,ef,83,60,54,f6,ca,

b7,2c,10,61,c8,db,02,03,11,10,1b,d9,29,ee,a9,9d,09,eb,a3,3f,7a,88,d0,08,2d,\

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2012-08-19 04:09:33

ComboFix-quarantined-files.txt 2012-08-19 08:09

.

Pre-Run: 95,891,103,744 bytes free

Post-Run: 95,430,197,248 bytes free

.

- - End Of File - - 6CC9EAC1AD29957542E5C879AE3C2364


Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.